Launch SCAP Policy reports to get your compliance status with the SCAP mandate for one policy. This report draws on data collected during the most recent SCAP scans of the selected hosts.
The SCAP application must be enabled for the subscription. Users other than Managers and Auditors must be granted compliance management permissions in order to run the SCAP certification report.
Go to PC > Reports and select New > SCAP Report > Policy Report. Then tell us:
1) the SCAP policy you want to report on,
2) the format (xml or csv),
3) the asset groups and/or hosts to draw data on.
You'll notice that we prefill the Asset Groups field with the asset groups that are assigned to the policy that you selected for the report. You can report on these asset groups or select other asset groups and/or IPs. You must include at least one host that is in the policy.
Tell me more about:
You can choose to send an email notification when a new report is available by choosing distribution groups, including users with Qualys accounts and those who do not have accounts.
Will the report be included? This depends on whether you've selected this in your settings under Reports > Setup > Scheduled Reporting.
The time zone should be your local time zone (GMT shift and location). Some time zones include locations that observe Daylight Saving Time and others that do not. For this reason, it's important that you make the correct time zone selection. Select the DST option to automatically observe Daylight Saving Time (DST). Note this option is not available if you've selected a location that never observes DST, such as Arizona and Hawaii.
Your subscription must have the Scheduled Reporting feature enabled. Please contact support or your account manager if you would like to enable this feature. Also a Manager must opt in to the New Data Security Model by going to Users > Setup > Security.